Russian Federation
The protection of official information in the EMERCOM of Russia since the beginning of 2022 is due to the constant increase in cyber attacks on government and other information systems. The task of ensuring the confidentiality, integrity and accessibility of information in the departmental digital information infrastructure is becoming increasingly urgent, not only from unauthorized access, but also from various destructive destabilizing effects of force and information leakage through technical channels. Technical channels can be used to collect the necessary data for successful computer attacks on the information infrastructure. Previously unknown threats are emerging with the use of hidden acoustic channels between isolated systems, inaudible to the human ear as a hidden channel in mobile devices. Due to the emergence of new threats associated with such leakage, it seems necessary to harmonize approaches to information protection, taking into account the generalization of approaches adopted by various federal executive authorities and state corporations. An analysis of regulatory legal acts in various departments shows increased attention to the technical protection of information, therefore, when organizing the protection of information of limited distribution in the EMERCOM of Russia, it is important to clarify internal approaches to ensuring its security.
protection, service information, goals, technical channels, information leakage, threats, requirements
1. Gordienko A.N. Konstitucionnye osnovy predotvrashcheniya chrezvychajnykh situacij // Pravo. Bezopasnost'. Chrezvychajnye situacii. 2024. № 2. S. 27–38.
2. Khabrieva T.Ya. Izbrannye trudy: v 10 t. T. 6: Teoriya tolkovaniya prava. Teoriya pravotvorchestva. Koncepcii razvitiya zakonodatel'stva. M., 2018. 472 s.
3. Bakhin S.V. Sotrudnichestvo gosudarstv po sblizheniyu nacional'nykh pravovykh sistem (unifikaciya i garmonizaciya prava): avtoref. dis. ... d-ra yurid. nauk. SPb., 2003. 46 s.
4. Khalyapin D.B., Terent'ev E.B. Tekhnicheskie kanaly utechki rechevoj informacii cherez izveshchateli okhranno-pozharnoj signalizacii // Izvestiya YuFu. Tekhnicheskie nauki. 2003. № 4. S. 110–111.
5. License: arXiv.org perpetual non-exclusive license arXiv:2409.04930v1 [cs.CR] 07 Sep 2024 // https://arxiv.org/html/2409.04930v1.
6. Guri M., Elovich Y. Bridgeware: Air-gapped malware. Commun. ACM, March 2018. № 61 (4). R. 74–82.
7. Guri M. Gpu-fan: Leaking sensitive data from isolated machines via hidden GPU fan noise. In Nordic Conference on Secure IT Systems, Springer, 2022. R. 194–211.
8. Na «vozdushnyj zazoR» nadejsya, a sam ne ploshaj: istoriya o radikal'nykh merakh kiberbezopasnosti. Blog kompanii Positive Technologies. 22 aprelya 2023. URL: https://smart-lab.ru/company/positive-technologies/blog/897260.php (data obrashcheniya: 18.11.2024).
9. Guri M., Zadov B., Elovich Y. Odiny: Leaking sensitive data from isolated Faraday cage computers using magnetic fields // IEEE. Transactions on Information Forensics and Security, 2019. Vol. 15. R. 1190–1203.
10. Khorev A.A. Tekhnicheskie kanaly utechki informacii, obrabatyvaemoj sredstvami vychislitel'noj tekhniki // Special'naya Tekhnika. № 2. 2010. S. 39–57.
11. Tekhnicheskie sredstva i metody zashchity informacii: ucheb. dlya vuzov / A.P. Zajcev [i dr.]; pod red. A.P. Zajceva, A.A. Shelupanova. M.: OOO Izd-vo «MashinostroeniE», 2009. 507 s.
12. Vvedenie v informacionnuyu bezopasnost': ucheb. posobie / A.A. Malyuk [i dr.]; pod red. V.S. Gorbatova. M.: Goryachaya liniya – Telekom, 2018. 288 s.
13. Bazovaya model' ugroz bezopasnosti personal'nykh dannykh pri ikh obrabotke v informacionnykh sistemakh personal'nykh dannykh (vypiska), utv. zamestitelem direktora FSTEHK Rossii 15 fevralya 2008 g. URL: http://https://normativ.kontur.ru/document?moduleId=1&documentId=204882 (data obrashcheniya: 28.12.2024).
